Origin verwendet keine log4j Komponenten

• Erstellt am 15.12.2021
• Software: Origin 2020 - 2022

Erläuterung

Hinsichtlich der kürzlich offengelegten log4j Sicherheitslücke hat der Hersteller der Software Origin (OriginLab Inc.) folgendes Statement veröffentlicht:

OriginLab does not use the parts of FlexNet Publisher that are affected by the vulnerability.

OriginLab does not use lmadmin in our FlexNet Publishing product.
OriginLab also does not use the optional "alerter module" code example for lmadmin, which is the code that has the vulnerability.

The vulnerability also affect other Flexnet products, but OriginLab does not use these.
For example:
FlexNet License Server Manager (FLSM)   -   OriginLab does not use FLSM.
InstallShield 2018 Code Aware                 -   OriginLab uses InstallShield 2021 not Code Aware.
(https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905)